summaryrefslogtreecommitdiff
path: root/core/src/fxcodec
AgeCommit message (Collapse)Author
2015-06-10Remove typdefs for pointer types in fx_system.h.Tom Sepez
This involves fixing some multiple variable per line declarations, as the textually-substituted "*" applies only to the first one. This involves moving some consts around following the substitution. This involves replacing some typedefs used as constructors with better code. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1171733003
2015-06-09Use stdint.h types throughout PDFium.Tom Sepez
It's redundant nowadays to provide our own equivalents, now that this is done for us by the system header. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1177483002
2015-06-08Remove more cruft from fx_system.hTom Sepez
- include system headers first and alphabetize. - remove unsupported FX_WIN32_MOBILE symbol. - actually define a FX_WIN64 symbol and make consistent. - use final/override, not FX_FINAL. - let stdint.h resolve FX_WORDSIZE concerns. - unused FX_ERR and FX_SUCCESS() macros. - unused FX_LSB_FIRST macro. - outline FX type deprecation plan. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1169963003
2015-06-04Move fx_safe_types.h to include/ directory.Tom Sepez
Small bit of OCD here, since this file is included cross-library (i.e. from fpdfsk), it can't be in src/. In other words, the following should be empty: grep -R 'include.*core/src/' fpdfsdk Fix some IWYU in it at the same time. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1147353006
2015-05-28Fix ALL the include guards.Tom Sepez
Get rid of leading _CAPITAL identifiers. A large number of these didn't actually match the filename. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1160443004
2015-05-26Upgrade openjpeg to r3002JUN FANG
BUG=459215 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1160663002
2015-05-21Fix an endless loop in CJBig2_HuffmanTable::parseFromCodedBufferJUN FANG
This issue is trigged by the conversion from unsigned int to signed int. A large unsigned int is converted to int. It's represented as a negative int which is used in the condition of while later. BUG=482639 R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/1146913003
2015-05-20Integer overflow in CJBig2_Image::expandJUN FANG
1. New size should be larger than old size in JBig2_Realloc. 2. Arguments are integers but parameters are size_t in JBIG2_memset. After integer overflows, it will be presented as a huge unsigned number on 64 bits system. BUG=483981 R=brucedawson@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/1148643002
2015-05-19Re-land: Remove FX_Alloc() null checks now that it can't return NULL.Tom Sepez
Fixes the ordering of some assignments broken when converting to checked numerics in CFX_PathData::AddPointCount(). Original Review URL: https://codereview.chromium.org/1142713005 R=thestig@chromium.org Review URL: https://codereview.chromium.org/1135893008
2015-05-19Revert "Remove FX_Alloc() null checks now that it can't return NULL."Tom Sepez
This reverts commit eb6527763171cdb4b0fbfea5a20d691f4d67b660. Reason for revert: broke javascript tests. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1145843005
2015-05-19Remove FX_Alloc() null checks now that it can't return NULL.Tom Sepez
This permits some functions to become void's since they, in turn, can't fail. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1142713005
2015-05-19Fix Heap Overflow in CJBig2_Image::expandJUN FANG
Integer overflow in CJBig2_Image::expand. It causes the size of reallocated is not expected. BUG=483981 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1131023008
2015-05-18Cleanup if early return from opj_j2k_copy_default_tcp_and_create_tcd().Tom Sepez
The opj_j2k_copy_default_tcp_and_create_tcp() function memcpy's a top-level struct, and then replaces pointers to memory owned by the original struct with new blocks of memory. Unfortunately, an early return can leave the copy with pointers to memory it doesn't own, which causes problems when cleaning up the partially-initialized struct. The referenced bug is triggered when we get a return at original line 7969 or 7385 due to OOM. Moral of the story: creating a "copy constructor" equivalent based on memcpy() instead of copying field by field for structs containing pointers is usually a bad idea. BUG=486538 R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/1138033007
2015-05-18Change FX_Alloc to FX_Try_Alloc in _JpegEncodeJUN FANG
This CL is used for: 1. keeping the same logic as before (the behaviour of FX_Alloc was changed for OOM). 2. fixing a potential integer overflow. BUG=N/A R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1126013006
2015-05-18Add safe FX_Alloc2D() macroTom Sepez
This avoids unchecked multiplications when computing a size argument to malloc(). Such an overflow is very scary, and can result in exploitable bugs. Along the way, kill off some return checks, since we know this can't return NULL. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1143663004
2015-05-15Fix leaks in embedder test's FlateEncode() usage and in FlateEncode().Lei Zhang
For FlateEncode(), error handling code leaked memory. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1144603002
2015-05-15Abort on OOM by default in FX_Alloc().Tom Sepez
Add a FX_TryAlloc() for those few cases where we might need to continue in face of OOM. Remove FX_AllocNL() (the context of its use would suggest that NL means "No Limit"). This is used for some big allocations, so replace it with TryAlloc(). Large allocations may be worth trying to continue from, since there are few and they have a large chance of failing. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1128043009
2015-05-08Fix a bunch of -Wunused-but-set-variable warnings.Lei Zhang
Also fix a few nits and other errors along the way. R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1098583002
2015-05-06Fix a couple of divide by zero crashes in PNG/TIFF predictors.Lei Zhang
BUG=484002 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1124563002
2015-04-21Fix a crashier due to images with abnormal sizeJUN FANG
BUG=453553 R=thestig@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/1093323003
2015-04-16Replace FX_NEW with new, remote tests from fxcodecTom Sepez
R=thestig@chromium.org Review URL: https://codereview.chromium.org/1084303002
2015-04-14Kill CFX_Object.Tom Sepez
CFX_Object is a type that implements its own new operators that return NULL on error. There's no need for this given the |new (std::nothrow)| syntax; in fact, the current code can only work if there is no activity in the constructors. This may explain the pervasive lack of constructors and reliance on Init() methods throughout the codebase. The activity takes place in fx_memory.h, where FX_NEW is mapped onto the std::nothrow syntax. The rest is just cleanup. Down the road, we will simply throw and remove all the error-checking paths for new objects. Landing this patch first will at least show a simple path back to the old behaviour without having to re-introduce CFX_Object should someone want to do so in their own fork. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1088733002
2015-04-13Fix a heap overflow in CJBig2_Context::parseSymbolDictchromium/2371chromium/2370chromium/2369JUN FANG
BUG=476107 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1080893002
2015-03-26Use correctly-typed error codes for fx_codec_jpx_unittestTom Sepez
Needed to fix the failed pdfium_unittests on windows. Ironically, I created these constants so I wouldn't mix up size_t's and off_t's in these tests, but I didn't apply them consistently. R=thestig@chromium.org Review URL: https://codereview.chromium.org/1036743005
2015-03-20Fix missing include for std::minTom Sepez
Build broken on trybot at http://build.chromium.org/p/tryserver.chromium.win/builders/win8_chromium_rel/builds/66012/steps/compile%20%28with%20patch%29/logs/stdio R=thestig@chromium.org TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1026843002
2015-03-19Fix subtle issues in opj_skip_from_memory and add unit tests.Tom Sepez
Follow on to https://codereview.chromium.org/990683002/. This more closely mimics what fseek() actually does, so as to avoid subtle bugs down the road. Move the DecodeData struct into a header so the test can use it, and provide a constructor for it. Along the way, I added include guards, removed the p_ prefix from some non-pointer vars, fixed some IWYU, and resolved some signed/unsigned comparison warnings with careful casting. BUG=452671 R=jun_fang@foxitsoftware.com, thestig@chromium.org Review URL: https://codereview.chromium.org/1016203002
2015-03-16Fix a bug that JPX images can't be shownJUN FANG
In the process of opj_end_decompress, it will return fail when the end of coding stream is reached. However it returns true in the same scenario implemented in openJPEG. So the final solution is from openJPEG. Return true when the end of coding stream is reached. BUG=452671 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/990683002
2015-03-10Kill remaining sprintfsTom Sepez
I thought I had done this already, apart from the third-party libraries, but there were a couple remaining (the third-party libraries will still call this, they should be tweaked upstream as needed). R=thestig@chromium.org Review URL: https://codereview.chromium.org/999543002
2015-03-06Fix multiply defined macro in zlib.h on linux_chromium_clobber_rel_ng builder.Tom Sepez
Speculative fix since the issue doesn't reproduce locally. TBR=brettw@chromium.org Review URL: https://codereview.chromium.org/988883002
2015-02-27Upgrade openjpeg to revision 2997.JUN FANG
BUG=457493 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/960183004
2015-01-30Don't export any OpenJPEG methods from PDFium.John Abd-El-Malek
It's only used internally. This also avoids errors from the verify_order script when linking PDFium into Chromium BUG=453844 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/887193002
2015-01-09Check for NULL pointers in CJBig2_SymbolDict::DeepCopy().chromium/2276chromium/2275chromium/2274chromium/2273Lei Zhang
BUG=445475 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/837093002
2015-01-09Fix -Wnon-virtual-dtor compiler warnings.Tom Sepez
This is done by explicitly adding a virtual dtor to interface classes, since the cost is small given that there are already virtual functions. The exceptions are for classes that have a Release() or Delete() method, in which case it is non-virtual and protected to indicate that the virtual class is never the deletion point. BUG= R=brucedawson@chromium.org, thestig@chromium.org Review URL: https://codereview.chromium.org/810883005
2015-01-05Cleanup: Get rid of CRLF line endings.Lei Zhang
R=brucedawson@chromium.org Review URL: https://codereview.chromium.org/837533003
2015-01-05Remove static declared SymbolDictCache.Bo Xu
This is a follow up CL on https://codereview.chromium.org/761313004/ BUG=https://code.google.com/p/pdfium/issues/detail?id=93 R=brucedawson@chromium.org, tsepez@chromium.org Review URL: https://codereview.chromium.org/828183002
2014-12-17Add a small LRU cache for the JBIG2 symbol dictionary.Bo Xu
This reduces rendering time on my test document by over 10 seconds. It is super common for a JBIG2 dictionary to span multiple pages, so we don't want to decode the same dictionary over and over again. Original patch from Jeff Breidenbach (breidenbach@gmail.com) BUG=https://code.google.com/p/pdfium/issues/detail?id=85 R=bo_xu@foxitsoftware.com, thestig@chromium.org Review URL: https://codereview.chromium.org/761313004
2014-12-12Avoid duplicate definitions of JSCONST_n*Hash and QeTable variables.Bruce Dawson
QeTable is a 752 byte array that was defined in a header file. This caused it to be instantiated by the VC++ compiler 12 times, wasting 8,272 bytes of space in the data segment. Because 'const' implies 'static' this did not cause any duplicate symbol errors. JSCONST_n*HASH are a set of eight variables that are defined in a header file. This causes them to be replicated 15 times. The variables themselves are tiny but they are dynamically initialized and this dynamic initialization code is replicated 15 times. When tested on pdfium_test.exe the effect of this change is to: Reduce the .text (code) segment by 3,616 bytes. Reduce the .rdata section by 8,656 bytes. Reduce the total binary file size by 13312 bytes. These are the worst offenders for pdf.dll as shown in: https://drive.google.com/open?id=1BvubxoA2SU_2e4T5cq7jHTjc1TlT0qOndpIfX3DMeA8&authuser=0 This will also drastically simplify the list of work to be done for bug 441899 (getting rid of initializers). BUG=441988 R=bo_xu@foxitsoftware.com Review URL: https://codereview.chromium.org/802013002
2014-12-12Simplify PDFium by removing code that's not used in the open source repo.John Abd-El-Malek
-remove parameter from FPDF_InitLibrary -remove a bunch of ifdefs that are unused R=tsepez@chromium.org Review URL: https://codereview.chromium.org/801913002
2014-11-24Update to openjpeg r2944Bo Xu
BUG=429139,430566,431288 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/758593002
2014-10-30Update openjpeg to r2920Bo Xu
BUG=414036, 425151 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/688633003
2014-10-22update openjpeg to r2911Bo Xu
BUG=418976, 425150, 414525 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/671943002
2014-10-21Update openjpeg to r2908chromium/2202chromium/2201chromium/2200chromium/2199chromium/2198chromium/2197Bo Xu
BUG=414089, 414310, 414606 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/670813002
2014-10-21More fixes in sycc422_to_rgb and sycc420_to_rgb when image width is oddBo Xu
This patch is supplementary to issue 418881 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/645793007
2014-10-15Fix licenses in headers to pass Chromium's checklicenses tool.chromium/2196chromium/2195chromium/2194chromium/2193chromium/2192chromium/2191Tom Sepez
This is a re-landing of the changes in https://pdfium.googlesource.com/pdfium/+/6387aff which were lost during a libopenjpeg library roll. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/661463003
2014-10-10Fix a bug when image width is odd in sycc422_to_rgbBo Xu
BUG=418881 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/648823002
2014-10-03check pointer overflow in t2.cBo Xu
BUG=413375 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/624023003
2014-09-30Update openjpegBo Xu
BUG=407964, 414182, 413447 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/589243004
2014-09-08Merge performance fix for cmsDupToneCurve from previous upstream branch.Chris Palmer
BUG= R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/534363002
2014-09-02Tidy up opj_ callback functions in fx_codec_jpx_obj.cppTom Sepez
This is code cleanup rather than bug fixing. The motivation for this was to fix the casts at line 97 of the original file. These are wrong; you cannot correct via casting a function signature mismatch when passing a function as an argument. In theory, there's no reason to believe that the compiler will pass args in the same manner for a function of type (void*, size_t, void*) as for a function of type (void*, size_t, some_struct*). The cast will suppress the compile error, but you can't be assured the call will work as intended. In practice, it does, since the last architecture where a void* had a different representation than a struct* went extinct in the late 80s. In the functions themselves, note that we currently bail out if srcData->offset >= srcData->src_size, so the expression bufferLength = (OPJ_SIZE_T)(srcData->src_size - srcData->offset) will always be > 0. Hence the check if(bufferLength <= 0) is pointless, esp. since bufferLength is a signed type and < 0 makes no sense. The opj_seek_from_memory() has a bool return value, so returning -1 on error doesn't seem reasonable. Change this to TRUE/FALSE, and return false on seek past end. If we're truly passing readonly data, then perhaps it makes sense to make the write() function always return -1. I didn't do this. Lastly, I capitalize "DecodeData" so that it looks like a struct, and change its members to be size_t's to avoid casting back and forth. R=jun_fang@foxitsoftware.com Review URL: https://codereview.chromium.org/507273003
2014-08-27Restrict index not be greater than row_size in TIFF_PredictLineBo Xu
There is not strict way to limit invalid value of |Colors| from dictionary. We can make sure |index| does not go out of boundary of row_size. BUG=407614 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/509993003